v1.14.5/command/write_test.go - hashicorp/vault - Git at Google

 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0

 package command

 import (
 	"io"
 	"strings"
 	"testing"

 	"github.com/hashicorp/vault/api"
 	"github.com/mitchellh/cli"
 )

 func testWriteCommand(tb testing.TB) (*cli.MockUi, *WriteCommand) {
 	tb.Helper()

 	ui := cli.NewMockUi()
 	return ui, &WriteCommand{
 		BaseCommand: &BaseCommand{
 			UI: ui,
 		},
 	}
 }

 func TestWriteCommand_Run(t *testing.T) {
 	t.Parallel()

 	cases := []struct {
 		name string
 		args []string
 		out  string
 		code int
 	}{
 		{
 			"not_enough_args",
 			[]string{},
 			"Not enough arguments",
 			1,
 		},
 		{
 			"empty_kvs",
 			[]string{"secret/write/foo"},
 			"Must supply data or use -force",
 			1,
 		},
 		{
 			"force_kvs",
 			[]string{"-force", "auth/token/create"},
 			"token",
 			0,
 		},
 		{
 			"force_f_kvs",
 			[]string{"-f", "auth/token/create"},
 			"token",
 			0,
 		},
 		{
 			"kvs_no_value",
 			[]string{"secret/write/foo", "foo"},
 			"Failed to parse K=V data",
 			1,
 		},
 		{
 			"single_value",
 			[]string{"secret/write/foo", "foo=bar"},
 			"Success!",
 			0,
 		},
 		{
 			"multi_value",
 			[]string{"secret/write/foo", "foo=bar", "zip=zap"},
 			"Success!",
 			0,
 		},
 		{
 			"field",
 			[]string{
 				"-field", "token_renewable",
 				"auth/token/create", "display_name=foo",
 			},
 			"false",
 			0,
 		},
 		{
 			"field_not_found",
 			[]string{
 				"-field", "not-a-real-field",
 				"auth/token/create", "display_name=foo",
 			},
 			"not present in secret",
 			1,
 		},
 	}

 	for _, tc := range cases {
 		tc := tc

 		t.Run(tc.name, func(t *testing.T) {
 			t.Parallel()

 			client, closer := testVaultServer(t)
 			defer closer()

 			ui, cmd := testWriteCommand(t)
 			cmd.client = client

 			code := cmd.Run(tc.args)
 			if code != tc.code {
 				t.Errorf("expected %d to be %d", code, tc.code)
 			}

 			combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
 			if !strings.Contains(combined, tc.out) {
 				t.Errorf("expected %q to contain %q", combined, tc.out)
 			}
 		})
 	}

 	t.Run("force", func(t *testing.T) {
 		t.Parallel()

 		client, closer := testVaultServer(t)
 		defer closer()

 		if err := client.Sys().Mount("transit/", &api.MountInput{
 			Type: "transit",
 		}); err != nil {
 			t.Fatal(err)
 		}

 		ui, cmd := testWriteCommand(t)
 		cmd.client = client

 		code := cmd.Run([]string{
 			"-force",
 			"transit/keys/my-key",
 		})
 		if exp := 0; code != exp {
 			t.Fatalf("expected %d to be %d: %q", code, exp, ui.ErrorWriter.String())
 		}

 		secret, err := client.Logical().Read("transit/keys/my-key")
 		if err != nil {
 			t.Fatal(err)
 		}
 		if secret == nil || secret.Data == nil {
 			t.Fatal("expected secret to have data")
 		}
 	})

 	t.Run("stdin_full", func(t *testing.T) {
 		t.Parallel()

 		client, closer := testVaultServer(t)
 		defer closer()

 		stdinR, stdinW := io.Pipe()
 		go func() {
 			stdinW.Write([]byte(`{"foo":"bar"}`))
 			stdinW.Close()
 		}()

 		_, cmd := testWriteCommand(t)
 		cmd.client = client
 		cmd.testStdin = stdinR

 		code := cmd.Run([]string{
 			"secret/write/stdin_full", "-",
 		})
 		if code != 0 {
 			t.Fatalf("expected 0 to be %d", code)
 		}

 		secret, err := client.Logical().Read("secret/write/stdin_full")
 		if err != nil {
 			t.Fatal(err)
 		}
 		if secret == nil || secret.Data == nil {
 			t.Fatal("expected secret to have data")
 		}
 		if exp, act := "bar", secret.Data["foo"].(string); exp != act {
 			t.Errorf("expected %q to be %q", act, exp)
 		}
 	})

 	t.Run("stdin_value", func(t *testing.T) {
 		t.Parallel()

 		client, closer := testVaultServer(t)
 		defer closer()

 		stdinR, stdinW := io.Pipe()
 		go func() {
 			stdinW.Write([]byte("bar"))
 			stdinW.Close()
 		}()

 		_, cmd := testWriteCommand(t)
 		cmd.client = client
 		cmd.testStdin = stdinR

 		code := cmd.Run([]string{
 			"secret/write/stdin_value", "foo=-",
 		})
 		if code != 0 {
 			t.Fatalf("expected 0 to be %d", code)
 		}

 		secret, err := client.Logical().Read("secret/write/stdin_value")
 		if err != nil {
 			t.Fatal(err)
 		}
 		if secret == nil || secret.Data == nil {
 			t.Fatal("expected secret to have data")
 		}
 		if exp, act := "bar", secret.Data["foo"].(string); exp != act {
 			t.Errorf("expected %q to be %q", act, exp)
 		}
 	})

 	t.Run("integration", func(t *testing.T) {
 		t.Parallel()

 		client, closer := testVaultServer(t)
 		defer closer()

 		_, cmd := testWriteCommand(t)
 		cmd.client = client

 		code := cmd.Run([]string{
 			"secret/write/integration", "foo=bar", "zip=zap",
 		})
 		if code != 0 {
 			t.Fatalf("expected 0 to be %d", code)
 		}

 		secret, err := client.Logical().Read("secret/write/integration")
 		if err != nil {
 			t.Fatal(err)
 		}
 		if secret == nil || secret.Data == nil {
 			t.Fatal("expected secret to have data")
 		}
 		if exp, act := "bar", secret.Data["foo"].(string); exp != act {
 			t.Errorf("expected %q to be %q", act, exp)
 		}
 		if exp, act := "zap", secret.Data["zip"].(string); exp != act {
 			t.Errorf("expected %q to be %q", act, exp)
 		}
 	})

 	t.Run("communication_failure", func(t *testing.T) {
 		t.Parallel()

 		client, closer := testVaultServerBad(t)
 		defer closer()

 		ui, cmd := testWriteCommand(t)
 		cmd.client = client

 		code := cmd.Run([]string{
 			"foo/bar", "a=b",
 		})
 		if exp := 2; code != exp {
 			t.Errorf("expected %d to be %d", code, exp)
 		}

 		expected := "Error writing data to foo/bar: "
 		combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
 		if !strings.Contains(combined, expected) {
 			t.Errorf("expected %q to contain %q", combined, expected)
 		}
 	})

 	t.Run("no_tabs", func(t *testing.T) {
 		t.Parallel()

 		_, cmd := testWriteCommand(t)
 		assertNoTabs(t, cmd)
 	})
 }
	// Copyright (c) HashiCorp, Inc.
	// SPDX-License-Identifier: MPL-2.0

	package command

	import (
	"io"
	"strings"
	"testing"

	"github.com/hashicorp/vault/api"
	"github.com/mitchellh/cli"
	)

	func testWriteCommand(tb testing.TB) (cli.MockUi, WriteCommand) {
	tb.Helper()

	ui := cli.NewMockUi()
	return ui, &WriteCommand{
	BaseCommand: &BaseCommand{
	UI: ui,
	},
	}
	}

	func TestWriteCommand_Run(t *testing.T) {
	t.Parallel()

	cases := []struct {
	name string
	args []string
	out string
	code int
	}{
	{
	"not_enough_args",
	[]string{},
	"Not enough arguments",
	1,
	},
	{
	"empty_kvs",
	[]string{"secret/write/foo"},
	"Must supply data or use -force",
	1,
	},
	{
	"force_kvs",
	[]string{"-force", "auth/token/create"},
	"token",
	0,
	},
	{
	"force_f_kvs",
	[]string{"-f", "auth/token/create"},
	"token",
	0,
	},
	{
	"kvs_no_value",
	[]string{"secret/write/foo", "foo"},
	"Failed to parse K=V data",
	1,
	},
	{
	"single_value",
	[]string{"secret/write/foo", "foo=bar"},
	"Success!",
	0,
	},
	{
	"multi_value",
	[]string{"secret/write/foo", "foo=bar", "zip=zap"},
	"Success!",
	0,
	},
	{
	"field",
	[]string{
	"-field", "token_renewable",
	"auth/token/create", "display_name=foo",
	},
	"false",
	0,
	},
	{
	"field_not_found",
	[]string{
	"-field", "not-a-real-field",
	"auth/token/create", "display_name=foo",
	},
	"not present in secret",
	1,
	},
	}

	for _, tc := range cases {
	tc := tc

	t.Run(tc.name, func(t *testing.T) {
	t.Parallel()

	client, closer := testVaultServer(t)
	defer closer()

	ui, cmd := testWriteCommand(t)
	cmd.client = client

	code := cmd.Run(tc.args)
	if code != tc.code {
	t.Errorf("expected %d to be %d", code, tc.code)
	}

	combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
	if !strings.Contains(combined, tc.out) {
	t.Errorf("expected %q to contain %q", combined, tc.out)
	}
	})
	}

	t.Run("force", func(t *testing.T) {
	t.Parallel()

	client, closer := testVaultServer(t)
	defer closer()

	if err := client.Sys().Mount("transit/", &api.MountInput{
	Type: "transit",
	}); err != nil {
	t.Fatal(err)
	}

	ui, cmd := testWriteCommand(t)
	cmd.client = client

	code := cmd.Run([]string{
	"-force",
	"transit/keys/my-key",
	})
	if exp := 0; code != exp {
	t.Fatalf("expected %d to be %d: %q", code, exp, ui.ErrorWriter.String())
	}

	secret, err := client.Logical().Read("transit/keys/my-key")
	if err != nil {
	t.Fatal(err)
	}
	if secret == nil \|\| secret.Data == nil {
	t.Fatal("expected secret to have data")
	}
	})

	t.Run("stdin_full", func(t *testing.T) {
	t.Parallel()

	client, closer := testVaultServer(t)
	defer closer()

	stdinR, stdinW := io.Pipe()
	go func() {
	stdinW.Write([]byte(`{"foo":"bar"}`))
	stdinW.Close()
	}()

	_, cmd := testWriteCommand(t)
	cmd.client = client
	cmd.testStdin = stdinR

	code := cmd.Run([]string{
	"secret/write/stdin_full", "-",
	})
	if code != 0 {
	t.Fatalf("expected 0 to be %d", code)
	}

	secret, err := client.Logical().Read("secret/write/stdin_full")
	if err != nil {
	t.Fatal(err)
	}
	if secret == nil \|\| secret.Data == nil {
	t.Fatal("expected secret to have data")
	}
	if exp, act := "bar", secret.Data["foo"].(string); exp != act {
	t.Errorf("expected %q to be %q", act, exp)
	}
	})

	t.Run("stdin_value", func(t *testing.T) {
	t.Parallel()

	client, closer := testVaultServer(t)
	defer closer()

	stdinR, stdinW := io.Pipe()
	go func() {
	stdinW.Write([]byte("bar"))
	stdinW.Close()
	}()

	_, cmd := testWriteCommand(t)
	cmd.client = client
	cmd.testStdin = stdinR

	code := cmd.Run([]string{
	"secret/write/stdin_value", "foo=-",
	})
	if code != 0 {
	t.Fatalf("expected 0 to be %d", code)
	}

	secret, err := client.Logical().Read("secret/write/stdin_value")
	if err != nil {
	t.Fatal(err)
	}
	if secret == nil \|\| secret.Data == nil {
	t.Fatal("expected secret to have data")
	}
	if exp, act := "bar", secret.Data["foo"].(string); exp != act {
	t.Errorf("expected %q to be %q", act, exp)
	}
	})

	t.Run("integration", func(t *testing.T) {
	t.Parallel()

	client, closer := testVaultServer(t)
	defer closer()

	_, cmd := testWriteCommand(t)
	cmd.client = client

	code := cmd.Run([]string{
	"secret/write/integration", "foo=bar", "zip=zap",
	})
	if code != 0 {
	t.Fatalf("expected 0 to be %d", code)
	}

	secret, err := client.Logical().Read("secret/write/integration")
	if err != nil {
	t.Fatal(err)
	}
	if secret == nil \|\| secret.Data == nil {
	t.Fatal("expected secret to have data")
	}
	if exp, act := "bar", secret.Data["foo"].(string); exp != act {
	t.Errorf("expected %q to be %q", act, exp)
	}
	if exp, act := "zap", secret.Data["zip"].(string); exp != act {
	t.Errorf("expected %q to be %q", act, exp)
	}
	})

	t.Run("communication_failure", func(t *testing.T) {
	t.Parallel()

	client, closer := testVaultServerBad(t)
	defer closer()

	ui, cmd := testWriteCommand(t)
	cmd.client = client

	code := cmd.Run([]string{
	"foo/bar", "a=b",
	})
	if exp := 2; code != exp {
	t.Errorf("expected %d to be %d", code, exp)
	}

	expected := "Error writing data to foo/bar: "
	combined := ui.OutputWriter.String() + ui.ErrorWriter.String()
	if !strings.Contains(combined, expected) {
	t.Errorf("expected %q to contain %q", combined, expected)
	}
	})

	t.Run("no_tabs", func(t *testing.T) {
	t.Parallel()

	_, cmd := testWriteCommand(t)
	assertNoTabs(t, cmd)
	})
	}